package com.wang.mall.controller;

import com.wang.mall.bean.SysUser;
import com.wang.mall.model.R;
import com.wang.mall.service.SysRoleService;
import com.wang.mall.service.SysUserRoleService;
import com.wang.mall.service.SysUserService;
import com.wang.mall.util.PageUtils;
import org.apache.commons.lang.ArrayUtils;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.web.bind.annotation.*;

import java.util.List;
import java.util.Map;

@RestController
@RequestMapping("/sys/user")
public class SysUserController {

    @Autowired
    private SysUserService sysUserService;

    @Autowired
    private SysUserRoleService sysUserRoleService;

    @Autowired
    private SysRoleService sysRoleService;


    @PostMapping("/password")
    @PreAuthorize("hasAuthority('sys:user:update')")
    public R updatePassword(@RequestBody Map<String, String> params) {
        String newPassword = params.get("newPassword");
        String password = params.get("password");
        Long userId = Long.valueOf(SecurityContextHolder.getContext().getAuthentication().getPrincipal().toString());
        boolean isOK = sysUserService.updatePassword(newPassword, password, userId);
        return isOK ? R.ok() : R.fail("修改密码失败");
    }

    /**
     * 删除用户
     */
    @PostMapping("/delete")
    @PreAuthorize("hasAuthority('sys:user:delete')")
    public R delete(@RequestBody Long[] userIds) {

        Long userId = Long.valueOf(SecurityContextHolder.getContext().getAuthentication().getPrincipal().toString());

        for (Long id : userIds) {
            if (sysRoleService.isAdmin(id)) {
                return R.fail("系统管理员不能删除");
            }
        }

        if (ArrayUtils.contains(userIds, userId)) {
            return R.fail("当前用户不能删除");
        }

        sysUserService.deleteBatch(userIds);

        return R.ok();
    }

    /**
     * 修改用户
     */
    @PreAuthorize("hasAuthority('sys:user:update')")
    @PostMapping("/update")
    public R update(@RequestBody SysUser user) {
        Long userId = Long.valueOf(SecurityContextHolder.getContext().getAuthentication().getPrincipal().toString());

        user.setCreateUserId(userId);
        sysUserService.update(user);

        return R.ok();
    }


    @GetMapping("/info/{userId}")
    @PreAuthorize("hasAuthority('sys:user:list')")
    public R info(@PathVariable Long userId) {
        SysUser user = sysUserService.getById(userId);

        //获取用户所属的角色列表
        List<Long> roleIdList = sysUserRoleService.queryRoleIdList(userId);
        user.setRoleIdList(roleIdList);

        return R.ok(user);
    }

    @PostMapping("/save")
    @PreAuthorize("hasAuthority('sys:user:save')")
    public R save(@RequestBody SysUser user) {
        Long userId = Long.valueOf(SecurityContextHolder.getContext().getAuthentication().getPrincipal().toString());
        user.setCreateUserId(userId);
        sysUserService.saveUser(user);
        return R.ok();
    }

    @GetMapping("/info")
    @PreAuthorize("hasAuthority('sys:user:list')")
    public R getUserInfo() {
        Long userId = Long.valueOf(SecurityContextHolder.getContext().getAuthentication().getPrincipal().toString());
        SysUser sysUser = sysUserService.getById(userId);
        sysUser.setPassword("********");
        return R.ok(sysUser);
    }


    /**
     * sys/user/list?t=1623152186222&page=1&limit=10&username=
     *
     * @return
     */
    @PreAuthorize("hasAuthority('sys:user:list')")
    @GetMapping("/list")
    public R<PageUtils> getUserLisy(Integer page, @RequestParam(defaultValue = "10") Integer limit, String username) {
        PageUtils pageUtils = sysUserService.queryPage(page, limit, username);
        return R.ok(pageUtils);
    }
}
